The News Review:
- TITLE: Microsoft PowerPoint Freelance Layout Parsing Vulnerability
- Microsoft Issues Record Number of Security Updates
- Apple goes after business; watch out Palm RIM Microsoft
- Major Changes Hidden in Microsoft PowerPoint Update
TITLE: Microsoft PowerPoint Freelance Layout Parsing Vulnerability
Secubs
For more information visit:. The vulnerability is caused due to an array-indexing error in theMicrosoft PowerPoint Freelance Windows 2. 1 Translator (FL21WIN. DLL)when parsing layout information and can be exploited to cause aheap-based buffer overflow. Successful exploitation allows execution of arbitrary code.
Related from Withphp: TITLE: Megacubo URI Handling PHP Code Injection Vulnerability
Microsoft Issues Record Number of Security Updates
Washington Post
Last month Microsoft shipped. The company said at the time that it was still working on fixing those flaws in the Powerpoint versions in ffice for Mac and Microsoft Works.
Apple goes after business; watch out Palm RIM Microsoft
ZDNet
I’ve not been a fan of Microsoft Entourage – which is the Mac version of utlook. But I’ve also not really been able to use Apple Mail and the other apps because I still need Entourage to get those business messages. The new features built into the Exchange support including the ability to preview a file such as a Powerpoint as a mail attachments – even if you don’t have Microsoft’s Powerpoint installed on your machine. At the tail end of the keynote Marketing VP Phil Schiller noted that the new iPhone S will include hardware encryption – a data-protection feature that businesses have asked for – and that the encryption will extend to the Mac or PC when the data is backed up. Apple also announced a feature that allows users to remotely wipe clean their iPhones if it gets lost so that sensitive corporate data doesn’t fall into the wrong hands – and can still be recovered by syncing with the computer when the phone is either recovered or replaced. (see video below)It’s tough to say if business customers will flock to an Apple solution – after all the computers are still significantly more expensive than a Windows machine and there are some native apps that just won’t run on a Mac. But as businesses learn more about the cost savings that come with cloud computing and mobile apps for business transactions the necessity for an all-Windows solution becomes less critical.
Major Changes Hidden in Microsoft PowerPoint Update
PC Magazine
In this case the Mac version is not yet ready but Microsoft decided to go ahead with the Windows version since the actual attacks going on in the wild are all Windows-specific. The Mac version will follow when ready presumably. The second point is that Microsoft has removed support for “the very old PowerPoint 4 converter (PP4X322. DLL)” with the release of this update. This program and the formats it supports are more trouble than they’re worth it would seem and it’s years since they have been the default format on any supported version of PowerPoint. They provide a registry hack you can apply to re-enable PowerPoint 4 support in current products but they advise that you unapply the hack afterwards. Finally file converter support in ffice 2000 and ffice XP has been upgraded by back-porting the latest code from ffice 2003 into it.